Recently we had an issue that called into the use of checking to see if some ports were open and listening on our servers. Naturally, we could have used a tool such as portqry.exe to gather this information. However, you can only use it on one system at a time which meant either incorporating it with Powershell and call the .exe when needed. While a good idea, I wanted to build something that was free of any extra tools and just rely on Powershell itself to complete this task.

After doing some research and looking some examples online, I found that this could in fact be easily done. Initially I was going to have it scan for TCP ports, but decided that checking UDP ports would be a good idea as well. My goal was to not only be able to scan multiple hosts, but to also scan multiple ports and report back which ones were open and which were closed.

Using the System.Net.Sockets namespace, I was able to create an object that I could then use to test both TCP and UDP ports.

The rest of the script uses the Add-Member cmdlet to add items to the created PSObject that holds all of the information for the report. I also make use of string manipulation such as Split(), Replace() and TrimStart() to make the error messages more readable in the report.

I decided to run the port scan against my local domain controller and google.com to show that some ports are open and others are not. In the case of DC1, only TCP port 53 (DNS) was open and at google.com, TCP ports 80 (HTTP) and 443 (HTTPS) were open.

20 Responses to Scanning ports on multiple hosts

I’m a newbie to this, and I can’t get this to work. I’m trying to test our firewall by running a port-scan from a web frontend, to the sql server. When I try to run this, nothing happens. What do I have to do?
Thanks

PS C:\checksqlserver> test-port
The term ‘test-port’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the s
pelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:10
+ test-port <<< ./test-port.ps1
PS C:\checksqlserver>

This is a great Post!
I have couple of queries
1. Tried to export the result to .csv/xls but i couldnot able to make it any idea how to export the result?
2. Result i wanted something like IP, port 80, Port 443, etc Results(Open or False), is this possible

Hi Jody, thanks for the comment!
By design, the Test-Port function requires a computer and port name. If one is not given, there will be a prompt for both of these.
For instance this example shows me adding my server (DC1) and ports 80 and 443 after each prompt.
PS C:\Users\boe\Downloads\PowerShell_Scripts> Test-Port

Using this should avoid you having to prompt for a hostname or ip address. If you do still want to use a prompt for this information then this would work:
#Record IP or hostname for server
$HostnamePO=Read-Host “Enter name or IP of Server”
Test-Port -computer $hostnamePO -port 443,80

I’ve been using your function for a week now, and I’m really happy with it.

Unfortunately, I believe there is a issue with -UDP. Indeed, I’m trying to test Port 137 and Port 138 UDP. The server I’m trying to test is disconnected from the network, but the test returns True as if the ports were open.